Dr Naghmeh Moradpoor Sheykhkanloo N.Moradpoor@napier.ac.uk
Lecturer
Employing Neural Networks for the Detection of SQL Injection Attack
Sheykhkanloo, Naghmeh Moradpoor
Authors
Abstract
Structured Query Language Injection (SQLI) attack is a code injection technique in which malicious SQL statements are inserted into the SQL database by simply using web browsers. SQLI attack can cause severe damages on a given SQL database such as losing data, disclosing confidential information or even changing the values of data. It has also been rated as the number-one attack on the Open Web Application Security Project (OWASP) top ten. In this paper, we propose an effective model to deal with this problem based on Neural Networks (NNs). The proposed model is built from three main elements of: a Uniform Resource Locator (URL) generator in order to generate thousands of malicious and benign URLs, a URL classifier in order to classify the generated URLs to either benign or malicious URLs, and an NN model in order to detect either a given URL is a malicious URL or a benign URL. The model is first trained and then evaluated by employing both benign and malicious URLs. The results of the experiments are presented in order to demonstrate the effectiveness of the proposed approach.
| Presentation Conference Type | Conference Paper (Published) |
|---|---|
| Conference Name | 7th International Conference on Security of Information and Networks - SIN '14 |
| Start Date | Sep 9, 2014 |
| End Date | Sep 11, 2014 |
| Acceptance Date | Jan 1, 2014 |
| Publication Date | 2014 |
| Deposit Date | Jan 12, 2017 |
| Publisher | Association for Computing Machinery (ACM) |
| Book Title | SIN '14 Proceedings of the 7th International Conference on Security of Information and Networks |
| ISBN | 9781450330336 |
| DOI | https://doi.org/10.1145/2659651.2659675 |
| Keywords | Anomaly detection, SQL injection attack, machine learning, Artificial Intelligence, Neural Networks, NNs |
| Public URL | http://researchrepository.napier.ac.uk/Output/461564 |
You might also like
SQL-IDS: evaluation of SQLi attack detection and classification based on machine learning techniques
(2015)
Presentation / Conference Contribution
Employing machine learning techniques for detection and classification of phishing emails
(2018)
Presentation / Conference Contribution
Hybrid optical and wireless technology integrations for next generation broadband access networks
(2011)
Presentation / Conference Contribution
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search